Cellular service account transfer and authentication

ABSTRACT

Embodiments described herein relate to transfer of credentials between two mobile wireless devices that are within proximity of each other, via a secure local connection, or via a network-based cloud service, where the two mobile wireless devices are not in proximity to each other. Transfer of credentials can include communication between a source device, a target device, and/or one more network-based servers, which can include mobile network operator (MNO) managed servers, such as an entitlement server, a web-sheet server, an authentication server, a provisioning server, a subscription management data preparation (SM-DP+) server, a home subscriber server (HSS), and/or an authentication server, as well as third-party managed servers, such as a cloud service server and/or an identification services server. Authentication can be based at least in part on one or more tokens and/or a trust flag obtained by the source device and provided to the target device.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of U.S. application Ser. No.17/176,167, entitled “CELLULAR SERVICE ACCOUNT TRANSFER ANDAUTHENTICATION,” filed Feb. 15, 2021, set to issue Oct. 25, 2022 as U.S.Pat. No. 11,483,711, which is a continuation of U.S. application Ser.No. 16/667,617, entitled “CELLULAR SERVICE ACCOUNT TRANSFER ANDAUTHENTICATION,” filed Oct. 29, 2019, issued on Feb. 16, 2021 as U.S.Pat. No. 10,924,921, which claims the benefit of U.S. ProvisionalApplication No. 62/752,298, entitled “CELLULAR SERVICE ACCOUNT TRANSFERAND AUTHENTICATION,” filed Oct. 29, 2018, the contents of all of whichare incorporated by reference herein in their entirety for all purposes.

FIELD

The described embodiments relate to wireless communications, includingmethods and apparatus to support transfer of cellular service accountcredentials for cellular wireless services, such as cellular voice anddata services authorized by subscriber identity modules (SIMs) and/orelectronic SIM (eSIMs), between wireless devices.

BACKGROUND

Newer generation, e.g., fourth generation (4G) and fifth generation(5G), cellular wireless networks employing newer radio access technologythat implements one or more 3^(rd) Generation Partnership Project (3GPP)Long Term Evolution (LTE), LTE Advanced (LTE-A), and 5G standards arerapidly being developed and deployed by network operators worldwide. Thenewer cellular wireless networks provide a range of packet-basedservices for both voice and data in parallel. A user of a wirelessdevice can access services offered by a wireless network serviceprovider, also referred to as a mobile network operator (MNO), based onservice subscriptions controlled by authentication credentials includedin a profile, also referred to as a subscriber identity module (SIM),when included in a removable universal integrated circuit card (UICC),also referred to as a SIM card, or as an electronic SIM (eSIM), whenincluded in an embedded UICC (eUICC) of the wireless device. With aremovable UICC and an unlocked wireless device, a user can accessdifferent services by replacing the UICC/SIM combination. With aconfigurable eUICC, eSIMs can be downloaded to the eUICC for access todifferent wireless services. Wireless devices that accommodate multipleUICCs/SIMs and/or multiple eSIMs on an eUICC provide for multiplesubscriber identities to be used by the same wireless device to accessdifferent services, including services that can span different cellularwireless networks that use different cellular radio access technologies(RATs). A user can transfer cellular service accounts associated withone or more SIMs/eSIMs between wireless devices, such as when changingbetween different wireless devices or when purchasing and configuring anew wireless device to replace an older wireless device. There exists aneed for mechanisms to allow a user to transfer cellular service accountcredentials associated with SIMs/eSIMs between wireless devices.

SUMMARY

This Application describes various embodiments that relate to wirelesscommunications, including methods and apparatus to support transfer ofcellular service credentials for cellular wireless services, such ascellular voice and data services authorized by subscriber identitymodules (SIMs) and/or electronic SIM (eSIMs), between wireless devices.Transfer of cellular service credentials can occur between two devicesthat are within proximity of each other, e.g., where the devices canconnect securely via a local connection, such as via a wireless personalarea network (WPAN) connection, via a wireless local area network (WLAN)connection, via a peer-to-peer connection, or the like. Transfer ofcellular service credentials can also occur via an online network-basedservice, such as via an iCloud® service, where the devices need not bein proximity to each other. Cellular service account transfer andauthentication procedures can be based at least in part on provingauthorization to transfer using a transfer token and a trust flagprovided directly, e.g., via a peer-to-peer WPAN or WLAN connection whentwo devices are within proximity to each other, or indirectly, e.g., viaa common shared network-based cloud service account, when the twodevices are not connected to each other directly. In some embodiments,when a source device that seeks to transfer a cellular servicecredential to a target device cannot obtain a transfer token, the targetdevice can authenticate with a network server, e.g., an entitlementserver, separately using a challenge and response procedure. Whensuccessfully authenticated, the target device can use one or more tokensto transfer cellular service credentials. In some embodiments, a trustflag provides an indication of a trust relationship between a sourcedevice and a cellular service credential to be transferred, and sharedsecret data, such as a secret key, can be used to validate (orre-validate) a trust relationship. In some embodiments, transfer ofcellular service credentials from a source device occurs as part of asetup process for a target device. In some embodiments, the sourcedevice provides cellular service plan description and authenticationdata to the target device to use for presenting options via a userinterface of the target device for selection of which (if any) cellularservice plan credentials to transfer to the target device. In someembodiments, a trust flag relationship established for a SIM/eSIMtransferred to the target device can also be transferred to the targetdevice. In some embodiments, an MNO can require interaction with anetwork-based service, e.g., a web-sheet server, to allow for transferof one or more cellular service credentials to the target device.

Other aspects and advantages of the invention will become apparent fromthe following detailed description taken in conjunction with theaccompanying drawings which illustrate, by way of example, theprinciples of the described embodiments.

This Summary is provided merely for purposes of summarizing some exampleembodiments so as to provide a basic understanding of some aspects ofthe subject matter described herein. Accordingly, it will be appreciatedthat the above-described features are merely examples and should not beconstrued to narrow the scope or spirit of the subject matter describedherein in any way. Other features, aspects, and advantages of thesubject matter described herein will become apparent from the followingDetailed Description, Figures, and Claims.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements.

FIG. 1 illustrates a diagram of an exemplary transfer of cellularservice account credentials for access to cellular services from asource device to a target device, according to some embodiments.

FIGS. 2A through 2C illustrate diagrams of an exemplary flow to realizea one-click mode transfer of cellular service account credentialsbetween a source device and a target device within proximity of eachother, according to some embodiments.

FIG. 2D illustrates another flow diagram for an exemplary one-clicktransfer of a cellular service account credential between two deviceswithin proximity of each other, according to some embodiments.

FIG. 2E illustrates a flow chart of an exemplary method for a one-clickmode transfer of cellular service account credentials from a sourcedevice to a target device, according to some embodiments.

FIG. 3A illustrates a diagram of an exemplary series of user interfacedisplays for a transfer of cellular service account credentials for acellular service plan between two devices, according to someembodiments.

FIG. 3B illustrates a flow diagram for an exemplary network-based cloudservice account transfer of cellular service account credentials betweena source device and a target device, according to some embodiments.

FIG. 3C illustrates a flow chart of an exemplary method for anetwork-based cloud service account transfer of cellular servicecredentials between two devices, according to some embodiments.

FIGS. 4A through 4C illustrate diagrams of an exemplary flow to transfercellular service account credentials from a source device to a targetdevice using an interactive mode, according to some embodiments.

FIG. 5A illustrates a diagram of an exemplary transfer of cellularservice account credentials between a source device and a target devicevia a network-based cloud service, according to some embodiments.

FIGS. 5B through 5D illustrate diagrams of an exemplary transfer ofcellular service account credentials using an interactive mode via anetwork-based cloud service, according to some embodiments.

FIGS. 6A through 6C illustrate diagrams of an exemplary flow to transfercellular service account credentials using a one-click mode via anetwork-based cloud service, according to some embodiments.

FIGS. 7A through 7E illustrate diagrams of examples of using a sharedsecret key to establish trust and allow for authentication of a cellularservice account credential of a device with an MNO server, according tosome embodiments.

FIG. 8 illustrates a block diagram of exemplary elements of a mobilewireless device, according to some embodiments.

DETAILED DESCRIPTION

Representative applications of methods and apparatus according to thepresent application are described in this section. These examples arebeing provided solely to add context and aid in the understanding of thedescribed embodiments. It will thus be apparent to one skilled in theart that the described embodiments may be practiced without some or allof these specific details. In other instances, well known process stepshave not been described in detail in order to avoid unnecessarilyobscuring the described embodiments. Other applications are possible,such that the following examples should not be taken as limiting.

In the following detailed description, references are made to theaccompanying drawings, which form a part of the description and in whichare shown, by way of illustration, specific embodiments in accordancewith the described embodiments. Although these embodiments are describedin sufficient detail to enable one skilled in the art to practice thedescribed embodiments, it is understood that these examples are notlimiting; such that other embodiments may be used, and changes may bemade without departing from the spirit and scope of the describedembodiments.

Cellular wireless capability continues to be incorporated into a broadarray of electronic devices, including mobile phones, tablets, portablecomputers, wearable devices, automobiles, etc. Additionally, credentialsfor access to cellular wireless services are evolving from removablesecure cards, also referred to as subscriber identity module (SIM)cards, to include electronic SIMs (eSIMs) that can be installed andupdated dynamically on secure system boards, such as embedded UniversalIntegrated Circuit Cards (eUICCs). A user can own and use multipledifferent electronic devices that each have cellular wireless servicecapabilities and can seek to re-use cellular service features and/orsettings across multiple cellular-capable electronic devices. Forexample, when acquiring a new cellular-capable electronic device, a usercan seek to transfer cellular credentials from an existing device to thenew device in as flexible and efficient a manner as possible. As such,this Application describes cellular service account transfer andauthentication procedures that can be used to move credentials andupdate cellular mobile network operator (MNO) servers appropriately.

A user can seek to transfer credentials from a first device, which canbe referred to as a source device, to a second device, which can bereferred to as a target device. The user can be associated with a commonuser account, e.g., an Apple ID maintained by a network-based cloudservice, e.g., iCloud, and can register each of the source device andthe target device with the same user account. The user can seek totransfer credentials from a physical SIM card, e.g., a 4FF card, of thesource device to an eUICC of the target device. Alternatively, and/oradditionally, the user can seek to transfer credentials in the form ofan eSIM included in an eUICC of a source device to an eUICC of a targetdevice. Devices that include an eUICC can usually support multipleeSIMs, and in some instances, the user can seek to transfer a set ofeSIMs from a source device to a target device. Some devices can alsoinclude both one or more removable SIM cards and one or more eSIMs on aneUICC of the device, and the user can seek to transfer credentials fromthe SIM card(s) and/or eSIMs from the eUICC of the device to anotherdevice.

Transfer of credentials can occur between two devices that are withinproximity of each other, e.g., where the devices can connect securelyvia a local connection, such as via a wireless personal area network(WPAN) connection, via a wireless local area network (WLAN) connection,via a peer-to-peer connection, or the like. Transfer of credentials canalso occur via a network-based cloud service, such as via an iCloudservice, where the devices need not be in proximity to each other. Ineither case, transfer of credentials can include communication betweenthe source device, the target device, and/or one more network-basedservers, which can include mobile network operator (MNO) managedservers, such as an entitlement server, a web-sheet server, anauthentication server, a provisioning server, a subscription managementdata preparation (SM-DP+) server, a home subscriber server (HSS), and/oran authentication server, as well as third-party managed servers, suchas a cloud service server and/or an identification services server.

These and other embodiments are discussed below with reference to FIGS.1 through 8 ; however, those skilled in the art will readily appreciatethat the detailed description given herein with respect to these figuresis for explanatory purposes only and should not be construed aslimiting.

FIG. 1 illustrates a diagram 100 of an exemplary transfer of credentialsfrom a source device 110 to a target device 150 when the source device110 and the target device 150 are within proximity of each other andable to establish a secure connection between the target device 150 andthe source device 110. In some embodiments, the source device 110 andthe target device 150 can present, via respective user interfaces,information to assist a user in transferring credentials from the sourcedevice 110 to the target device 150. An encoded image, such as a quickresponse (QR) code and/or a dynamic version thereof, can be provided onthe target device 150 for verifying the target device 150 by the sourcedevice 110. When verification via an image scan performed by the sourcedevice 110 (or another verification mechanism) succeeds, a “one-click”cellular service transfer option procedure can be provided for the userto transfer one or more credentials associated with a particular mobiledevice phone number (and/or with a particular cellular service account)from the source device 110 to the target device 150. In someembodiments, multiple credentials associated with a single cellularservice account can be transferred from the source device 110 to thetarget device 150. In some embodiments, one or more credentialsassociated with a particular international mobile subscriber identity(IMSI) can be transferred from the source device 110 to the targetdevice 150. In some embodiments, a list of cellular service accounts,plans, and/or phone numbers can be presented from which a user canselect one or more to transfer from the source device 110 to the targetdevice 150.

FIGS. 2A, 2B, and 2C illustrate diagrams 200, 210, 220 of an exemplaryflow to realize a one-click mode transfer of credentials between asource device 110 and a target device 150 when the source device 110 andthe target device 150 are within proximity of each other. Transfer ofcredentials can occur in conjunction with an initialization procedure202 for the target device 150, in some embodiments, or as a separateprocess after initialization of the target device 150 has completed. Theone-click operation illustrated in FIGS. 2A, 2B, and 2C allows forbypassing interaction with a web sheet server 140 maintained by anassociated MNO to simplify the transfer process, as the user need notrecall infrequently used (and therefore easily forgotten) logincredentials required by the MNO for account service management. Instead,an MNO server, e.g., an entitlement server 130, can authorize transferwhen the source device 110 provides a valid trust flag and an accesstoken, to which in response the MNO provides a transfer token that has alimited validity time period. At 204, an option to transfer one or morecellular service subscriptions from the source device 110 to the targetdevice 150 can be presented to the user for selection and/or approval.The target device 150, at 206, can send a request to the source device110 to transfer one or more cellular service subscriptions. The sourcedevice 110 can send a transfer authorization request, at 208, to anentitlement server 130 providing a valid access token (which the sourcedevice 110 can have previously obtained) and a trust flag (which canprovide an indication of a relationship between the source device 110and a cellular service account to be transferred). The source device 110can obtain from the entitlement server 130, at 211, a transfer tokenwith an indication of a limited time expiration for the transfer tokento be used for transfer of the associated cellular service account(s).The source device can provide the transfer token and expiration time,along with additional data, at 212, to the target device 150 for use inrequesting transfer of cellular services from the source device 110 tothe target device 150. Exemplary data can include a hardware identifierof the source device 110, e.g., an universal integrated circuit card(eUICC) identifier (EID), a set of tokens including the access token,the transfer token, an authorization key agreement (AKA) token, an MNOserver address, e.g., a universal resource locator (URL) or fullyqualified domain name (FQDN) for a provisioning server from which toobtain appropriate credentials for the target device 150. The sourcedevice 110 can transfer the data to the target device 150 securely(e.g., encrypted and via a secure connection) along with one or moretokens that can be used by the target device 150 to validate with one ormore MNO servers. In some embodiments, the source device 110communicates with multiple MNO entitlement servers 130 associated withrespective MNOs to obtain transfer tokens to transfer one or morecellular service subscriptions for different MNOs to the target device150. The source device 110 can provide sufficient information gatheredfrom MNO servers to the target device 150 to use to connect with(authenticate), identify the cellular service subscriptions to transfer,and indicate authorization to transfer the cellular servicesubscriptions to the target device 150. In some embodiments, credentialsto be transferred can be associated with unique identifiers, e.g.,integrated circuit card identifiers (ICCIDs), and a user can seek totransfer cellular service for one or more of multiple ICCIDs from thesource device 110 to the target device 150, where the multiple ICCIDsare associated with a common MNO and a common user cellular servicesubscription account. In some embodiments, at 214, a user can select oneor more ICCIDs associated with a common user cellular servicesubscription account for which cellular service is requested to transferto the target device 150, e.g., via an interface of the target device150. (For different MNOs, the procedure can be repeated separately toallow transfer of cellular service for one or more ICCIDs from multipleMNOs as well; however, each distinct MNO can require its own unique setof tokens). In some embodiments, when the source device 110 is unable toobtain a transfer token from the entitlement server 130, a challenge andresponse message exchange can be used to authenticate the target device150 with the entitlement server 130. At 216, the target device 150authenticates with the entitlement server 130 using the AKA token andthe transfer token obtained from the source device 110. At 216, thetarget device 150 also requests push notification to be enabled using aphone number from the source device 110, e.g., an “old IMSI” value, andan indication that an ICCID' s state will be changed. At 216, the targetdevice 150 further submits a request to the entitlement server 130 totransfer cellular service for one or more SIMs/eSIMs from the sourcedevice 110 to the target device 150. The target device 150 can provideto the entitlement server 130 the trust flag obtained by the sourcedevice 110 previously from the entitlement server 130. At 218, theentitlement server 130 recognizes the target device 150 requestsauthorization to transfer service based on the provided transfer tokenand trust flag. When the target device 150 authenticates successfullywith the entitlement server 130, such as based on providing a validtransfer token and a valid trust flag, the entitlement server 130, at222, interfaces with an eSIM (provisioning) server 145 to obtain newICCIDs to use for cellular service for the target device 150. Theentitlement server 130, at 224, also interfaces with MNO back-endservers, e.g., a home subscriber server (HSS), an operations supportsystem (OSS), business support system (BSS), or the like, abbreviated asHSS/BSS 147, to provision the target device 150 to an existingsubscription plan, updating the international mobile subscriber identity(IMSI) to correspond to a new ICCID value (for an eSIM to be installedin the target device 150) and associating the target device 150 with thesubscription plan previously used by the source device 110. At 226, theentitlement server 130 updates an IMSI value associated with a pushtoken to correspond to the IMSI of the target device 150. At 228, theentitlement server 130 provides to the target device an indication thatauthentication is successful, push notification has been enabled, andthat cellular service for a SIM/eSIM can be transferred to the targetdevice 150. The entitlement server 130, at 228, can provide a networkaddress, e.g., a URL or a fully qualified domain name (FQDN) for aprovisioning (eSIM) server 145 from which the target device 150 candownload the credentials for access to the cellular service of the MNO.The target device 150, at 231, subsequently obtains a valid eSIMassociated with the new ICCID and installs the valid eSIM on its eUICC.At 232, the target device 150 can enter a scan (monitor) mode to scanfor an access network of the cellular wireless network with which theinstalled valid eSIM is associated. The target device 150 can useinformation contained in a previously installed carrier bundle todetermine radio frequencies and other relevant parameters to perform thescan search for the access network. At 234, the target device 150 canperform an Extensible Authentication Protocol Authentication KeyAgreement (EAP-AKA) procedure with the entitlement server 130 andrequest from the entitlement server 130 status for the eSIM associatedwith the new ICCID. At 236, the target device 150 obtain an AKA tokenfrom the entitlement server 130 and an indication that the eSIM isactive. Following authentication with the entitlement server 130, thetarget device 150 can be activated for using cellular service via theMNO' s network using credentials associated with the new ICCID. In someembodiments, the target device 150, at 238, can notify the source device110 that the new ICCID has been activated, indicating that cellularservice has been transferred to the target device 150. In someembodiments, the target device 150, at 254, notifies the source device110 that the old ICCID, previously used for cellular service access bythe source device 110, is now inactive. At 256, the source device 110can send an authentication message to the entitlement server 130 using apreviously used AKA token and can also send a message requesting statusfor the eSIM associated with the old ICCID value. As the eSIM is nolonger usable for the source device 110, having been transferred to thetarget device 150, the entitlement server 130 is unable to authenticatethe source device with the provided AKA token and returns, at 258, anauthentication message with an error indication of an unknown subscriberas well as an unusable status indication for the eSIM. In someembodiments, the source device 110 can subsequently be deactivated withthe MNO, e.g., when no remaining valid eSIMs or SIM cards are installedand/or activated on the source device 110. In some embodiments, at 260,the source device can disable baseband wireless circuitry when no valideSIMs/SIMs are installed or activated for the source device 110following the transfer procedure. In some embodiments, at 262, basebandwireless circuitry of the source device 110 can be disabled based on anerror that occurs when attempting to attach to the access network of thecellular wireless network of the MNO for which transfer of credentialshas completed successfully to the target device 150. The credentialtransfer illustrated in FIGS. 2A, 2B, and 2C can allow for moving asubscription from the source device 110 to the target device 150 withoutmaking any changes to the subscription. The transfer can be used by auser of the two devices, source device 110 and target device 150, toswap between them as desired with minimal interaction, thereby allowingfor ICCID reassignment and/or re-use across multiple devices without theMNO invalidating ICCIDs. This efficient transfer mode provides forflexible use of multiple devices based on a familiar subscription plan.In some embodiments, ICCID values are reused. In some embodiments,cellular service for an old ICCID value used at a source device 110 isreassigned to a new ICCID value at the target device 150.

FIG. 2D illustrates another flow diagram 230 for a one-click modetransfer of a cellular service credential, e.g., an eSIM, between twodevices, e.g., the source device 110 and the target device 150, when thetwo devices are within proximity of each other. At step 1, the sourcedevice 110 and the target device 150 can pair with each other andestablish a secure connection between themselves. At step 2, the sourcedevice 110 can perform a transfer authentication procedure with an MNOnetwork server, e.g., the entitlement server 130. At step 3, the sourcedevice 110 can transfer subscription plan information and authenticationdata to the target device 150 via the secure connection establishedduring proximity sharing of step 1. At step 4, the target device 150 canobtain user consent, e.g., via a user interface interaction, to installa cellular service plan and associated data to the target device 150. Atstep 5, the target device 150 can perform the transfer via communicationwith the entitlement server 130. At step 6, the target device 150 canobtain applicable eSIMs (also referred to in some embodiments asprofiles) from an MNO provisioning server, e.g., a subscriptionmanagement data preparation platform, also referred to as an SMDP+server 160. In some embodiments, transfer of the credentials can beallowed by the MNO based on a trust flag provided by the target device150 to the MNO server. In some embodiments, the subscription planassociated with the transferred credentials (eSIMs) can be configured bya user of the target device 150.

FIG. 2E illustrates an exemplary flow chart 240 of a method for aone-click mode transfer of cellular service credentials from a sourcedevice 110 to a target device 150. At 242, the target device 150 and thesource device 110 establish a secure connection via a proximity sharingfeature. At 244, the source device 110 performs a transferauthentication procedure with the entitlement server 130 and obtainsauthentication data to use for transfer of the cellular servicecredentials to the target device 150. At 246, the source device 110transfers cellular service plan description and authentication data tothe target device 150 via the secure connection established viaproximity sharing. At 248, the target device 150 presents a cellularservice plan listing via a user interface and obtains user consent toeffect the transfer cellular service to the target device 150. At 250,after obtaining user consent, the target device 150 triggers directcellular service credential (eSIM) installation to the target device150, when an MNO associated with the to be installed eSIM supportsauthentication/authorization via a trust flag provided by the targetdevice 150. At 252, the cellular service plan can be optionallyconfigured using a SIM/eSIM setup procedure via the target device 150.

FIG. 3A illustrates a diagram 300 of an exemplary series of userinterface displays for a transfer of cellular service accountcredentials for a cellular service plan between two devices using anetwork-based cloud service account with additional interaction with anMNO web-sheet server. A user can access an option for transferringcredentials via a settings menu and indicate a device from which totransfer cellular service plan credentials. In some embodiments, a setof one or more devices associated with a common user account, e.g., anApple iCloud account, can be presented from which a user can select adevice to transfer one more cellular service plan credentials. In someembodiments, the cellular service plan credential transfer indicated inFIG. 3A, can be performed after initialization of a target device towhich the credential(s) will transfer has occurred. In some embodiments,both a source device (from which the credentials will transfer) and thetarget device can be both logged into a common user account, e.g., theApple iCloud account, using a common user identify, e.g., an identicalApple identifier (ID), and the source device and the transfer deviceneed not be within proximity of each other. In some embodiments, thetarget device can discover a set of one or more associated sourcedevices from which cellular service credentials may be eligible fortransfer to the target device. In some embodiments, the target deviceauthorizes transfer of cellular service credentials via communicationwith a web-sheet server of an associated MNO, e.g., by entering MNO useraccount credentials to the web-sheet server for an existing cellularservice user subscription account. Authentication via the web-sheetserver can be used with an MNO instead of a transfer token as describedfor FIGS. 2A to 2E.

FIG. 3B illustrates a flow diagram 310 for an exemplary network-basedcloud service account transfer of credentials by interacting with an MNOweb-sheet server. At step 1, the source device 110 and the target device150 can pair with each other via a proximity sharing feature andestablish a secure connection between themselves. At step 2, the sourcedevice 110 can perform a transfer authentication procedure with theentitlement server 130. At step 3, the source device 110 can transfersubscription plan information and authentication data to the targetdevice 150 via the secure connection established via the proximitysharing feature of step 1. At step 4, the target device 150 can obtainconsent, e.g., via a user interface interaction, to install a cellularservice plan and associated data to the target device 150. At step 5,the target device 150 can perform the transfer via communication withthe entitlement server 130. At step 6, the target device 150 can beredirected to an MNO web-sheet server and require additionalauthentication credentials, e.g., a login/password/security PIN, etc.,for a cellular service user subscription account, and upon successfulverification, the MNO web sheet server can provide additionalinformation, such as terms and conditions for subscription to thecellular service plan, etc. to the target device 150. At step 7, thetarget device 150 can obtain applicable eSIMs (also referred to in someembodiments as profiles) from an MNO SMDP+ server 160. At step 8, insome embodiments, the subscription plan associated with the transferredcredentials (eSIMs) can be configured by a user of the target device150. The flow illustrated in FIG. 3B can be used when the MNO does notsupport use of a trust flag and requires separate authentication of theuser to permit management of cellular services associated with acellular service account.

FIG. 3C illustrates a flow chart 320 of an exemplary method for anetwork-based cloud service account transfer of cellular servicecredentials including interaction with an MNO web-sheet server. At 322,the target device 150 and the source device 110 establish a secureconnection, e.g., via a proximity sharing feature. At 324, the sourcedevice 110 performs a transfer authentication procedure with an MNOserver, e.g., an entitlement server 130, and obtains authentication datafrom the entitlement server 130 to provide to the target device 150. At326, the source device 110 transfers cellular service plan descriptionand authentication data to the target device 150 via the secureconnection established via the proximity sharing feature. At 328, thetarget device 150 presents a cellular server plan listing via a userinterface of the target device 150 and obtains user consent to effectthe transfer of one or more cellular service credentials. At 330, afterobtaining user consent, the target device 150 redirects to an MNOweb-sheet server, which requires that the target device 150 successfullycomplete authentication (login), and subsequently presents terms andconditions for cellular service plans, and optionally providesadditional (up-sell) cellular service plan information. At 332, afterconfirmation via the MNO web-sheet server, the target device 150triggers credential/profile (eSIM) installation from a provisioningserver, e.g., an SMDP+ server 160 of the MNO. At 334, the cellularservice plan can be optionally configured using a SIM/eSIM setupprocedure via an interface of the target device 150.

FIGS. 4A, 4B, and 4C illustrate diagrams 400, 410, 420, of an exemplarytransfer of cellular service account credentials, e.g., eSIMs, between asource device 110 and a target device 150 using an interactive mode. Aninteractive value determines whether redirection to a web-sheet serveris required to complete the transfer of the credentials. At 402, aninitialization procedure to setup the target device 150 is performed. At404, an option to transfer a cellular service subscription plan from anassociated source device 110 to the target device 150 can be presentedto a user via an input/output of the target device 150, and a user canprovide an indication to cause a transfer to occur. At 406, the targetdevice 150 sends a message to the source device 110 to request atransfer of one or more cellular service plans from the source device110 to the target device 150. The source device 110 can be withinproximity of the target device 150, and communication between the sourcedevice 110 and the target device 150 can be over a secure directconnection. In some embodiments, the source device 110 and the targetdevice 150 can each be logged into a common user account, e.g., an AppleiCloud account, and can communicate via a network-based connection(instead of and/or in addition to a direct proximity connection). At408, the source device 110 authenticates with an applicable MNO server,e.g., the entitlement server 130, using an EAP-AKA authenticationprocedure. In some embodiments, the source device 110 provides apreviously obtained access token and trust flag (the latter may havebeen obtained from a third-party server or from an MNO server), wherethe trust flag provides an indication of an existing trust relationshipbetween a user account and the source device 110. In some embodiments,the entitlement server 130 determines whether to grant a request for achange of service, e.g., to transfer service from the source device 110to another device, such as the target device 150, based at least in parton the trust flag. At 412, the entitlement server 130 provides to thesource device 110 an authentication and key agreement (AKA) token and atransfer token with an expiration time (indicating a time period or timeexpiration for the transfer token). In some embodiments, the sourcedevice 110 communicates with multiple MNO entitlement servers 130associated with respective MNOs to obtain transfer tokens to transferone or more cellular service subscriptions for different MNOs to thetarget device 150. The source device 110 can provide sufficientinformation gathered from MNO servers to the target device 150 to use toconnect with (authenticate), identify the cellular service subscriptionsto transfer, and indicate authorization to transfer the cellular servicesubscriptions to the target device 150. At 414, the source device 110communicates data to the target device 150 to use for the cellularservice transfer. The data can include unique identifiers of the sourcedevice 110, e.g., an EID value, one or more ICCIDs for one or morecellular service credentials, e.g., eSIMs, to transfer (or potentiallytransfer based on a subsequent user selection of which cellular servicecredentials to transfer), an access token, the transfer token (obtainedpreviously from the entitlement server 130), the trust flag, the AKAtoken (also obtained previously from the entitlement server 130), anexpiration time indication for the transfer token, network addresses forone or more MNO servers, e.g., URLs or FQDNs for provisioning serversfrom which to downloaded applicable cellular service credentials to thetarget device 150. At 416, a user can select one or more ICCIDsassociated with cellular service plans to transfer to the target device150 from the source device 110, such as via an interactive listpresented on an I/O of the target device 150. In some embodiments,multiple ICCIDs can be selected when associated with the same MNO andsame user cellular service subscription account. (For different MNOs,the procedure can be repeated separately to allow transfer of cellularservice for one or more ICCIDs from multiple MNOs as well; however, eachdistinct MNO can require its own unique set of tokens). In someembodiments, when the source device 110 is unable to obtain a transfertoken from the entitlement server 130, a challenge and response messageexchange can be used to authenticate the target device 150 with theentitlement server 130. At 418, the target device 150 authenticates withthe entitlement server 130 using the AKA token and the transfer tokenobtained from the source device 110. The target device 150 can alsorequest push notifications to be enabled for the target device using anidentifier from the source device 110, e.g., an IMSI value for thesource device 110 and an indication of a state change for an ICCID to betransferred. The target device 150 can also submit a request to theentitlement server 130 to transfer cellular service for one or moreSIMs/eSIMs from the source device 110 to the target device 150. Thetarget device 150 can provide to the entitlement server 130 the trustflag obtained by the source device 110 previously from the entitlementserver 130. In some embodiments, the target device 150 provides aninteractive value that indicates that interaction with a web-sheetserver may be required to authorize transfer of the cellular servicecredentials from the source device 110 to the target device 150. At 422,the entitlement server 130 recognizes the target device 150 requestsauthorization to transfer service based on the provided transfer tokenand trust flag. At 424, the entitlement server 130 determines whetherinteraction with a web-sheet server is required based on the interactivevalue included in the transfer SIM/eSIM service request provided at 418.When the interactive value indicates that web-sheet server interactionis required, further steps are performed to effect transfer of theSIMs/eSIMs. At 426, the entitlement server 130 indicates to the targetdevice 150 that authentication was successful and push notification isenabled, and the target device 150 additionally provides network addressfor one or more network servers, e.g., the web-sheet server 140 and/orthe eSIM server 145, along with additional data for the target device150 to use for downloading and installing eSIMs. At 428, the targetdevice 150 communicates with an MNO web-sheet server 140 and providesinformation for transfer of cellular services from the source device 110to the target device 150. At 430, the web-sheet server 140 presentsterms and conditions information and optionally cellular service planchoices to the target device 150. At 432, the web-sheet server 140communicates with an MNO provisioning server, e.g., the eSIM server 145,to obtain ICCID values for the eSIMs to be provisioned to the targetdevice 150. At 434, the web-sheet server 140 communicates withappropriate MNO back-end servers, e.g., HSS/BSS server 147, to provisionapplicable cellular service plan subscriptions to the target device 150.The IMSI value (e.g., phone number) previously assigned to the sourcedevice 110 can be reassigned to the target device 150 and associatedwith a new ICCID value associated with an eSIM to be downloaded to thetarget device 150. The cellular service plan to be transferred from thesource device 110 can be applied to the target device 150 in theback-end server systems. At 436, the IMSI associated with a push tokencan be updated by the web-sheet server 140 to correspond to anapplicable IMSI of the target device 150. At 438, the target device 150and web-sheet server 140 perform a Javascript callback procedure, whichprovides to the target device information at 440 for downloading andinstalling from a provisioning server, e.g., from eSIM server 145,cellular service credentials for one or more eSIMs (having ICCIDvalues). At 442, a user can select which of multiple ICCID values toenable as active at the target device 150. For example, a user maydownload multiple eSIMs and select which of them are to be active, withthe non-selected ones remaining inactive for later possible activationand use. At 442, the target device 150 enters a monitor mode to scan forcellular access networks with which to register and on which to camp.The target device 150 can use information previously installed in acarrier bundle to target device 150 for determining radio networkparameters to use for the scan search. At 444, the target device 150 canquery the entitlement server 130 to obtain status for a SIM/eSIM(identified by its ICCID value). When the installed eSIM is activated,the target device 150 can obtain in response from the entitlement server130 an indication that the eSIM is active. At 448, the target device 150can notify the source device 110 that the ICCID for the installed eSIMis active via a proximity sharing connection or via a network-basedcloud service message. In some embodiments, the target device 150, at450, notifies the source device 110 that the old ICCID, previously usedfor cellular service access by the source device 110, is now inactive.In some embodiments, the source device 110 can subsequently bedeactivated with the MNO, e.g., when no remaining valid eSIMs or SIMcards are installed and/or activated on the source device 110. In someembodiments, at 452, the source device can disable baseband wirelesscircuitry when no valid eSIMs/SIMs are installed or activated for thesource device 110 following the transfer procedure. In some embodiments,at 454, the baseband wireless circuitry of the source device 110 can bedisabled based on an error that occurs when attempting to attach to theaccess network of the cellular wireless network of the MNO for whichtransfer to the target device 150 of credentials has completedsuccessfully.

FIG. 5A illustrates a diagram 500 of an exemplary transfer of cellularservice account credentials between a source device 110 and a targetdevice 150 via a network-based cloud service. At step 1, the sourcedevice 110 obtains authorization for the transfer from the entitlementserver 130. At step 2, the source device 110 and the entitlement server130 interact and agree to allow transfer of one or more cellular servicecredentials from the source device 110 to another device, e.g., to thetarget device 150. At steps 3A and 3B, the source device 110authenticates for the cellular service credential transfer with the MNOHSS/BSS 147 via the entitlement server 130 based at least in part on atrust flag. The entitlement server 130 can provide account transferinformation to the source device 110 (and as shown in subsequent stepsto the target device 150), while the HSS/BSS 147 (and/or other MNOback-end servers) can transfer (or update) subscription of cellularservice account credentials. At step 4A, the source device 110 transfersinformation for the cellular service credential transfer, e.g., anauthentication token and a URL for the entitlement server 130 in anetwork-based cloud service 504. Notably, steps 1-4A can be performed bythe source device 110 separately from initialization of the targetdevice 150, e.g., without knowledge of the specific target device 150 towhich transfer of cellular service credentials may subsequently occur.At step 4B, the target device 150 can perform an initializationprocedure, e.g., via the network-based cloud service 504. Note that step4B and 4A, in some embodiments, can be separated in time where thesource device 110 preloads the transfer information into the cloudservice 504 for later retrieval by the target device 150. This allowsfor the transfer of cellular service credentials to occur withoutrequiring proximity of the source device 110 to the target device 150.Moreover, in some embodiments, the target device 150 can retrieveinformation for the cellular service credential transfer from thenetwork-based cloud service 504 without requiring the source device 110to be powered on or to be connected to the cellular wireless network orto the network-based cloud service 504, as information for the cellularservice credential transfer is already stored and ready by completion ofstep 4A. At step 5, the target device 150 obtains the authenticationtoken and URL for the entitlement server 130 from the network-basedcloud service 504. At step 6, the target device 150 authenticates withthe entitlement server 130 to effect the cellular service credentialtransfer. At step 7, the entitlement server 130 obtains service accountinformation from the MNO HSS/BSS 147. At step 8, the target device 150and the entitlement server 130 exchange account transfer information. Atstep 9, options to continue or exit the account transfer process arepresented via the target device 150. At step 10, when account transferproceeds (does not exit), account verification with the MNO HSS/BSS 147and account transfer request occurs. At step 11, the HSS/BSS 147interacts with the SM-DP+ 160 to prepare for the cellular servicecredential transfer to the target device 150. At step 12, the MNOHSS/BSS 147 indicates activation completion to the entitlement server130. At step 13, the target device 150 obtains the cellular servicecredentials (eSIM(s)) from the MNO SM-DP+ 160 using a JavaScriptcallback procedure.

FIGS. 5B, 5C, and 5D illustrates diagrams 510, 520, 530 of an exemplarytransfer of cellular service account credentials, e.g., eSIMs, using aninteractive mode via a network-based cloud service. The source device110 uploads data to the cloud service 504, such as unique device/serviceidentifiers, authentication tokens, a trust flag, URLs, etc. for thetarget device 150 to retrieve subsequently to proceed with transfer ofthe cellular service credentials associated with an MNO subscription.The flow illustrated allows for transfer of the cellular servicecredentials using the network-based cloud service so that the sourcedevice 110 and target device 150 need not be in proximity to each other.Transfer data is communicated between the source device 110 and thetarget device 150 via the network-based cloud service 504 rather thanvia a direct secure proximity connection between the source device 110and the target device 150. In some embodiments, the interactive modeincludes presentation of service plan subscription information and/oroptions via an MNO web-sheet server.

At 512, an initialization procedure to setup the target device 150 isperformed. At 514, an option to transfer one or more cellular servicesubscription plans from a source device 110 to the target device 150 canbe presented to a user via an input/output of the target device 150, anda user can provide an indication to approve a transfer. In someembodiments, at 516, a user can indicate approval via a user interface(UI) input of the source device 110 to allow for transfer of thecellular service subscriptions to the target device 150. At 518, thesource device 110 performs an EAP-AKA authentication procedure with theentitlement server 130 and requests a transfer token from theentitlement server 130. The request for the transfer token can include atrust flag that indicates a time-based relationship of the source device110 and a user account. At 522, the entitlement server 130 obtains froman authorization server 502 a transfer access token for use by thetarget device 150 to transfer the one or more cellular servicesubscription plans. At 524, the source device obtains from theentitlement server 130 an AKA token (which can be subsequently used bythe target device 150 for authentication with the entitlement server 130when seeking to transfer the cellular service credentials). The sourcedevice also obtains, at 524, a transfer access token with an associatedexpiration time that limits when the transfer access token can be used.At 528, the source device 110 uploads data to a network-based cloudservice, e.g., to cloud service 504, for subsequent retrieval by anotherdevice, e.g., by the target device 150, to use for cellular servicecredential transfer. The data uploaded can include identifiers from thesource device 110, e.g., an EID value, ICCID values, as well as one ormore tokens for authentication and transfer, a trust flag, networkaddresses, e.g., URLs and/or FQDNs for provisioning servers, etc. Insome embodiments, data upload to the cloud service 504 can precede atransfer operation, and a user can authorize a future transfer ofcellular service credentials in advance, e.g., by selecting an unlocktransfer switch/setting. In some embodiments, an upload of the cellularservice credential transfer data by the source device 110 to the cloudservice 504 can automatically (without additional user consent) allowfor transfer of the cellular service credentials to another device,e.g., to the target device 150. At 526, the target device 150 canprovide a prompt via a user interface regarding options for cellularservice subscription (and associated credential) transfer to the targetdevice 150. The prompt can be based at least in part on subscriptiontransfer information being already pre-placed in the cloud service bythe source device 110 with which the target device 150 can beassociated, e.g., via a common user account. At 532, the target device150 can obtain from the cloud service 504 cellular service subscriptiondata previously uploaded by the source device 110 to use to assist withtransfer of cellular service subscription credentials from the sourcedevice 110 to the target device 150. At 534, a user can select one ormore cellular service credentials, which can be identified by respectiveICCID values, to the target device 150. In some embodiments, multiplecellular service credentials associated with different ICCID values canbe transferred during a single transfer process with the different ICCIDvalues are associated with the same MNO and a common cellular serviceuser subscription account. At 536, the target device 150 authenticateswith the entitlement server 30, using for example the AKA token and thetransfer access token obtained via the cloud service 504. At 536, thetarget device 150 further obtains status for one or more cellularservice credentials, by providing one or more identifiers to theentitlement server 130, e.g., by sending a request for SIM/eSIM statusto the entitlement server 130 with an EID of the eUICC of the sourcedevice 110 and an ICCID value for an eSIM for which status is requested.At 536, the target device 150 further requests that cellular servicecredentials for the identified SIM/eSIM be transferred to the targetdevice 150 from the source device 110. The transfer request can includean identifier of the source device 110, an identifier of the targetdevice 150, the previously obtained transfer token, a trust flag, and amode for transfer. In some embodiments, at 536, the target device 150additionally requests the push notifications be enabled for the targetdevice 150, e.g., by providing an appropriate push token to theentitlement server 130. At 538, the entitlement server 130 recognizesthat the target device 150 requests (and is authorized for) transfer ofcellular service credentials based at least in part on the transfertoken and trust flag provided by the target device 150. At 540, theentitlement server 130 determines, based on a transfer mode valueprovided by the target device 150, whether a cellular service planchoice is required, such as to allow for a cellular service plan changeor upgrade and a relevant cellular service plan subscription type forthe target device 150. At 542, the entitlement server 130 provides anindication to the target device that authentication and authorizationfor the requested cellular service plan transfer is successful and anindication of a web-sheet server 140 of the MNO with which the targetdevice 150 can further authenticate and authorize transfer of thecellular service credentials. At 544, the target device 150 providesinformation to the web sheet server 140, which can include data obtainedfor the cellular service plan transfer obtained from (and/or previouslyprovided to) the entitlement server 130. In some embodiments, as part ofthe communication at 544 and/or at 546, the target device 150successfully provides a challenge response to the web-sheet server 140,and the web-sheet server 140 provides an indication of applicablecellular service plan choices and terms and conditions to the targetdevice 150. At 548, the web-sheet server 140 obtains from a provisioningserver of the MNO, e.g., the eSIM server 145, a set of one or more eSIMs(with associated ICCID values) to provide to the target device 150. Theweb-sheet server 140 also communicates with applicable MNO back-endservers, such as HSS/BSS 147, at 550, to provision to the target deviceupdated cellular service plan selections. At 552, the web-sheet server140 can update a push token for an IMSI for a cellular service plantransferred to correspond to the target device 150. At 554, the targetdevice can participate in a Javascript callback procedure with theweb-sheet server 140 to obtain a network address for an MNO provisioningserver, e.g., for eSIM server 145, from which to subsequently, at 556,download and install the eSIMs associated with the ICCID values assignedto the target device 150. At 558, the target device 150 can enter anetwork monitor mode to scan for access network of the cellular wirelessnetwork with which to associate, register, and camp on. In someembodiments, the target device 150 uses information in a carrier bundlepreviously installed in the target device 150 to determine parametersfor the access network search. At 560/562, the target device 150 candetermine based on communication with the entitlement server 130 thatthe cellular service plan(s) are activated for the target device 150. At564, the target device 150 can notify the source device 110 when thecellular service plans have been transferred via a proximity sharingconnection or via a network-based cloud service message. In someembodiments, at 566, the target device 150 indicates to the sourcedevice 110 that the cellular service credentials transferred are nowinactive for the source device 110.

FIGS. 6A, 6B, and 6C illustrate diagrams 600, 610, 620 of an exemplaryflow to transfer cellular service account credentials, e.g., eSIMs,using a one-click mode via a network-based cloud service. The procedureillustrated in FIGS. 6A, 6B, and 6C allows for bypassing interactionwith an MNO web-sheet server 140 based on the target device 150presenting valid authentication data, e.g., tokens, a trust flag, etc.obtained by the target device 150 from the source device 110 via thenetwork-based cloud service. In some embodiments, multiple credentials,e.g., multiple eSIMs can be transferred between devices, e.g., from thesource device 110 to the target device 150, at one time, rather thanrequiring transfer and authentication of each eSIM individually. In someembodiments, each credential/eSIM is associated with a unique transfertoken, which can be obtained in parallel from the network-based cloudservice by the target device 150 and presented together to allow fortransfer of multiple eSIMs. At 602, an initialization procedure to setupthe target device 150 is performed. At 604, an option to transfer one ormore cellular service subscription plans from the source device 110 tothe target device 150 can be presented to a user via a user interface ofthe target device 150. At 606, optionally, a user can provide anindication via a user interface of the source device 110 to enabletransfer of one or more cellular service subscription plans to thetarget device 150. At 608, the source device 110 performs an EAP-AKAprocedure to authenticate with the entitlement server 130 and requestsfrom the entitlement server 130 a transfer token. The source device 110,in some embodiments, can provide a trust flag, which can be used toindicate a relationship between the source device 110 and a user accountby which the entitlement server 130 can determine whether to honor therequest for providing the requested token to the source device 110. Thetrust flag can be used for indicating authorization for a requestedcellular service credential transfer (or for other management proceduresfor cellular service credentials) and can bypass customary requirementsfor a cellular service account login and password with the entitlementserver 130. At 612, the entitlement server 130 obtains one or moretransfer access tokens from an authorization server 502 to use fortransfer of one or more associated cellular service credentials. At 614,the entitlement server 130 responds to the source device with an AKAtoken, which can indicate authentication of the source device 110 wassuccessful, and can provide the one or more transfer access tokens tothe source device 110 along with an indication of expiration time(s) forthe transfer access tokens. The source device 110, at 618, can upload toa network-based cloud service 504 the obtained transfer access tokensalong with additional data useful for transfer of associated cellularservice credentials to another mobile wireless device. Additional datacan include hardware identifiers for the source device 110, e.g., an EIDof an eUICC in the source device 110, one or more ICCID values forSIMs/eSIMs installed in the source device 110, a trust flag, an AKAtoken, network addresses, e.g., URLs and/or FQDNs, for one or morenetwork provisioning servers from which to obtain applicable cellularservice credentials, e.g., eSIMs, to download to another mobile wirelessdevice. The set of data uploaded to the cloud service 504 can bereferred to as subscription data. At 616, based on presence ofsubscription data in the cloud service 504, the target device canprovide a prompt via a user interface regarding subscription transfer.At 622, the target device 150, which can be associated with a commonuser account, e.g., for the network-based cloud service, can retrievefrom the cloud service 504 all or part of the subscription datapreviously uploaded by the source device 110. In some embodiments, whenthe source device 110 is unable to acquire a transfer access token fortransfer of a cellular service credential, the target device 150 canprovide a response to a challenge from the entitlement server 130, e.g.,provide a valid user login identifier and password for a cellularservice user account, to authenticate and provide authorization torequest transfer of one or more cellular service account credentials tothe target device 150. At 624, a user can select one or more cellularservice account credentials, e.g., identified by ICCID values, totransfer from the source device 110 to the target device 150. In someembodiments, multiple cellular service credentials can be transferred tothe target device 150 when belonging to a common MNO and an identicalcellular service user subscription account. At 626, the target device150 authenticates with the entitlement server 130 using the AKA tokenand the transfer access token obtained from the cloud service 504. Insome embodiments, at 626, the target device 150 requests pushnotification to be enabled for the target device 150 for a particularpush token (which may have been previously used for push notificationsto the source device 110). In some embodiments, at 626, the targetdevice 150 further requests that cellular account service credentialsfor one or more SIMs/eSIMs be transferred from the source device 110 tothe target device 150. The request to transfer the cellular serviceaccount credentials can include identifiers for the source device 110and target device 150 as well as applicable tokens for indicatingauthorization to transfer the cellular service account credentials,e.g., one or more transfer access tokens and a trust flag obtained fromthe cloud service 504. At 628, the entitlement server 130 can determinewhether the target device 150 is authorized for the transfer requestbased at least in part on the transfer access token and trust flagprovided by the target device 150. At 632, the entitlement server 130determines an applicable subscription type for the target device 150 andwhether a cellular service plan choice is required of a user of thetarget device 150 in order to transfer one or more of the cellularservice account credentials to the target device 150. This determinationcan be based at least in part on a transfer mode value provided by thetarget device 150 to the entitlement server 130 in the transfer requestat 626. At 634, the entitlement server 130 can obtain from aprovisioning server, e.g., eSIM server 145, a set of one or morecellular service account credentials, e.g., eSIMs with associated ICCIDvalues, for installation on the eUICC of the target device 150, wherethe eUICC can be identifier by a particular EID value. At 636, theentitlement server 130 can communicate with one or more network back-endservers, e.g., HSS/BSS 147, to provision to the target device 150subscription for one or more of the requested cellular service accountcredentials and can indicate a selection cellular service accountsubscription plan, which can be an upgrade or update from a previouslyselected plan. At 638, the entitlement server 130 can update an IMSIvalue associated with a push token to corresponds to the target device150, which can be reassigned an IMSI value previously assigned to thesource device 110, or which in some cases can be a different IMSI value.At 642, the entitlement server 130 can indicate to the target device 150successful authentication and can indicate successful transfer of one orcellular service credentials to the target device 150. Note that at 642,the internal MNO network servers are updated with information regardingservice for one or more cellular service credentials for the targetdevice 150; however, the actual cellular service credentials have yet tobe downloaded to the target device 150. At 642, the entitlement server130 further provides information to assist the target device 150 tocomplete transfer of the one or more cellular service credentials. Theinformation can include one or more ICCID values, one or more networkaddresses for provisioning servers, e.g., URLs and/or FQDNs, asconfirmation of an EID value for the eUICC of the target device 150, andan indication of an active state for the requested transferred cellularservice account credentials. At 644, the target device 150 downloads andinstalls one or more cellular service credentials, e.g., eSIMsassociated with respective ICCID values, from a network provisioningserver, e.g., eSIM server 145. At 646, the target device 150 enters amonitor mode to scan for cellular access networks with which toassociate and camp on. The target device 150 can use radio frequencyscan information included in a previously installed carrier bundle.After camping on an applicable access network, the target device 150, at648, can perform an EAP AKA procedure with the entitlement server 130and obtain a status for a cellular service credential, e.g., requestingstatus of a SIM/eSIM corresponding to a particular ICCID value. Theentitlement server 130, at 652, can indicate successful authenticationof the target device 150 by responding with an AKA token and indicatethat the requested SIM/eSIM status is active. At 654, the target device150 can notify the source device 110 that the transferred cellularservice credential is active for the target device 150. Notification canoccur via a proximity-based direct connection or via a network-basedcloud service. At 656, in some embodiments, the target device 150notifies the source device 110 of an inactive state of the transferredcellular service credential for the source device 110. At 658, thesource device 110 can send an authentication message to the entitlementserver 130 using a previously used AKA token and can also send a messagerequesting status for the eSIM associated with the old ICCID value. Asthe eSIM is no longer usable for the source device 110, having beentransferred to the target device 150, the entitlement server 130 isunable to authenticate the source device with the provided AKA token andreturns, at 662, an authentication message with an error indication ofan unknown subscriber as well as an unusable status indication for theeSIM. At 664, the source device 110 can disable baseband wirelesscircuity contained therein when no valid eSIMs/SIMs are installed oractive for the source device 110 following the transfer procedure. Insome embodiments, at 666, the baseband wireless circuitry of the sourcedevice 110 can be disabled based on an error that occurs when attemptingto attach to the access network of the cellular wireless network of theMNO for which transfer of credentials to the target device 150 hascompleted successfully.

Trust Based Authentication

FIGS. 7A, 7B, 7C, 7D, and 7E illustrate diagrams 700, 730, 750, 770, and790 of examples of using a shared secret key (shared secret data) toestablish trust and allow for authentication of a SIM/eSIM of a mobilewireless device, e.g., source device 110, with an MNO server 702, e.g.,an entitlement server 130 or an authorization server 502, withoutrequiring use of a cellular service account login and password.

As shown in FIG. 7A, during establishment of an association of aSIM/eSIM to the source device 110, e.g., at 704, after initial setup andpairing of a SIM/eSIM in the source device 110 with an MNO server 702,the source device 110 and the MNO server 702, at 706, generate sharedsecret data, referred to herein as a shared secret key (SK), such asbased on a Diffie-Hellman (DH) key exchange or other comparablepublic/private encryption scheme. The SK can be associated, at 708, witha particular SIM/eSIM, and therefore with a particular mobileidentification number, e.g., a phone number, also referred to as anIMSI, of the source device 110. The SK can be stored, at 710, in securestorage external to the secure element that stores the SIM/eSIM(s) ofthe source device 110, e.g., in a secure keychain. The SK can also bestored separately in a network-based cloud service, e.g., at an iCloudserver. A time duration since the establishment of the SK can be used aspart of evaluating a trust score for the source device 110. The SK canbe used in conjunction with challenge/response procedures to verify thatthe source device 110 retains the SK established for the SIM/eSIM. At712, the source device 110 can communicate with the MNO server 702,which can provide a random number (RAND) challenge to which the sourcedevice 110 can provide a challenge response based on a hash of the RANDvalue and the previously established SK. The SIM/eSIM can beremoved/deactivated and subsequently re-installed/re-activated in thedevice, at 714, and the source device 110 can pair with the MNO server702 using the re-installed/re-activated SIM. The source device 110 canbe verified by the MNO server 702 using the previously established SK.For example, the MNO server 702 can determine, at 718, whether the SK isvalid of a particular mobile identifier, e.g., a phone number (IMSIvalue) provided by the source device 110. When an SK value is valid forthe IMSI value, the MNO server 702 can issue an authenticationchallenge, at 720, to the source device 110, which can respond, at 722,with an appropriate challenge response based at least in part on the SK.The authentication challenge and challenge response can prove that thesource device 110 possesses the SK. When the challenge passes, asdetermined by the MNO server 702 at 724, the MNO server 702 candetermine, at 726, that a previously established trust relationship forthe SK and the phone number (IMSI value) is retained by the sourcedevice 110.

As shown in FIG. 7B, the trust relationship between a first device,e.g., source device 110, and the MNO server 702 can be transferred to asecond device, e.g., target device 150, when transferring a cellularservice credential, e.g., a SIM/eSIM, between the source device 110 andthe target device 150, and the target device 150 can demonstratepossession of a previously established shared secret key (SK). The SKcan be stored external to the source device 110, e.g., in a securenetwork-based cloud storage service that retains encrypted informationfor the source device 110. The target device 150, when associated with acommon user account that also is associated with the source device 110(and as allowed by a user of the source device 110 and the target device150) can access the SK stored locally (or remotely in the cloud storageservice) in the keychain of the source device 110. For example, thetarget device 150, when permitted by the user, can obtain informationfrom the keychain of the source device 110 via the network-based cloudservice, including accessing the previously established SK for aSIM/eSIM that is moved from the source device 110 to the target device150. The target device 150 can demonstrate possession of the SK as partof the authentication challenge/response procedure used by the MNOserver 702 to validate the target device 150. When the target device 150can respond successfully to the challenge, e.g., based on the previouslyestablished SK, the MNO server 702 can trust the target device 150. Theexisting trust relationship for the source device 110 can thus transferwith the SIM/eSIM to the target device 150, when the associated SK forthe transferred SIM/eSIM also is available to the target device 150.

Initially, at 704, the source device 110 pairs with the MNO server 702based on a cellular service credential, e.g., SIM/eSIM. Subsequently, at706, the source device 110 and the MNO server use a Diffie-Hellman (DH)key exchange (or comparable public/private encryption scheme) togenerate a shared secret key (SK). The SK can be stored securely at thesource device 110, e.g., in a keychain, and can also be stored securelyat a cloud-based service, e.g., in a keychain of an iCloud account. TheSK can be paired, at 708, with an identifier associated with a SIM/eSIMof the source device 110, e.g., an IMSI value (phone number). The sourcedevice 110 can demonstrate possession of the SK by responding to arandom number (RAND) challenge provided by the MNO server 702 at 712with an appropriate challenge response, e.g., with a hash value that isbased on a combination of the RAND and the SK. The MNO server 702 candetermine that the source device 110 continues to retain the SK based onthe appropriately provided challenge response and maintain a trustrelationship based at least in part on a duration of time elapsed fromSK setup to continued demonstration of possession of the SK. At 732, aSIM/eSIM can be moved from the source device 110 to the target device150, where the target device 150 and the source device 110 areassociated with a common user account, e.g., an identical iCloudaccount. The target device 150, at 734, can pair with the MNO server 702using the SIM/eSIM that was transferred from the source device 110. At736, the MNO server 702 can determine whether there exists a valid SKfor the SIM/eSIM (and its associated phone number). When there doesexist a valid SK (with an implied trust relationship), the MNO server702 can determine whether the target device 150, which paired with theSIM/eSIM, also possesses the associated SK. At 738, the MNO server 702issues an authentication challenge to the target device 150 based on arandom (RAND) value. The target device 150, at 740, replies to the MNOserver 702 with a challenge response that is based on the RAND value andthe SK associated with the SIM/eSIM that was used for pairing at 734.When the MNO server 702 determines, at 742, that the challenge responseis valid (appropriately based on the SK), the MNO server 702 candetermine that the target device 150 possesses the SK corresponding tothe SIM/eSIM, and at 744, the trust relationship established for the SKcan be retained and associated with the target device 150.

As shown in FIG. 7C, a trust relationship for a SIM/eSIM associated witha previously established SK can be invalidated when a second device,e.g., target device 150, attempts to authenticate with the MNO server702 and does not possess the previously established SK. For example, aSIM/eSIM may be installed in the target device 150, where the targetdevice 150 is not associated with the same user account as the sourcedevice 110. While the SIM may be valid for authentication with the MNOserver 702, the target device 150 cannot access the SK, as the targetdevice 150 does not have access, e.g., via a network-based cloud serviceaccount, to the secure encrypted keychain information of the sourcedevice 110. As such the target device 150 cannot successfully respond toa challenge that uses the SK from the MNO server 702, and thechallenge/response procedure fails. The MNO server 702 can determinethat the SIM/eSIM is being used by a new device and can require that anew SK be established with the target device 150. The trust relationshipfor the new SK can be set to a zero time duration and trust (based on alength of time that the new SK has been associated with the SIM/eSIM)must be rebuilt.

Initially, at 704, the source device 110 pairs with the MNO server 702based on a cellular service credential, e.g., SIM/eSIM. Subsequently, at706, the source device 110 and the MNO server 702 use a Diffie-Hellman(DH) key exchange (or comparable public/private encryption scheme) togenerate a shared secret key (SK). The SK can be stored securely at thesource device 110, e.g., in a keychain, and can also be stored securelyat a cloud-based service, e.g., in a keychain of an iCloud account. TheSK can be paired, at 708, with an identifier associated with a SIM/eSIMof the source device 110, e.g., an IMSI value (phone number). The sourcedevice 110 can demonstrate possession of the SK by responding to arandom number (RAND) challenge provided by the MNO server 702 at 712with an appropriate challenge response, e.g., with a hash value that isbased on a combination of the RAND and the SK. The MNO server 702 candetermine that the source device 110 continues to retain the SK based onthe appropriately provided challenge response and maintain a trustrelationship based at least in part on a duration of time elapsed fromSK setup to continued demonstration of possession of the SK. At 752, aSIM/eSIM can be moved from the source device 110 to the target device150, where the target device 150 and the source device 110 are notassociated with a common user account, e.g., use different iCloudaccounts or have no relationship to each other. The target device 150,at 754, can pair with the MNO server 702 using the SIM/eSIM that wastransferred from the source device 110. At 756, the MNO server 702 candetermine whether there exists a valid SK for the SIM/eSIM (and itsassociated phone number). When there does exist a valid SK (with animplied trust relationship), the MNO server 702 can determine whetherthe target device 150, which paired with the SIM/eSIM, also possessesthe associated SK. At 758, the MNO server 702 issues an authenticationchallenge to the target device 150 based on a random (RAND) value. At760, the target device 150 provides to the MNO server 702 a challengeresponse. As the target device 150 does not possess the SK, thechallenge response fails when checked by the MNO server 702 at 762. At764, the MNO server 702 can conclude that the pairing of the SK, whichis not possessed by the target device 150, with the phone numberassociated with the SIM/eSIM installed in the target device 150 is nolonger valid, and a new trust relationship must be established. Thus,the trust relationship between the previous SK and the phone number forthe SIM/eSIM is reset at 764. Subsequently, at 766, the target device150 and the MNO server 702 use a Diffie-Hellman (DH) key exchange (orcomparable public/private encryption scheme) to generate a new sharedsecret key (SK), which can be stored securely at the target device 150,e.g., in its own keychain, and can also be stored securely in acloud-based service, e.g., in a keychain of an iCloud account associatedwith the target device 150. A trust relationship between the new SK andthe phone number is restarted by the MNO server 702 and managed based onchallenge/response exchanges between the MNO server 702 and the targetdevice 150, where the target device 150 provides proof of possession ofthe new SK to the MNO server 702.

As shown in FIG. 7D, a trust relationship based on an established SK canbe used for validation of a device, e.g., source device 110, with anetwork server, e.g., MNO server 702, to perform certain cellularservice management operations, such as to subscribe to a new feature orservice or to change a feature or service for a SIM/eSIM installed (orto be installed) in the source device 110. The MNO server 702 canrequire that the source device 110 provide a valid response based on achallenge that uses the SK to prove that the source device 110 stillpossesses the SK (and does not simply possess the eSIM/SIM). Beforeallowing access to new/changed features or services, the MNO server 702can reconfirm the trust relationship based on the established SK.

Initially, at 704, the source device 110 pairs with the MNO server 702based on a cellular service credential, e.g., SIM/eSIM. Subsequently, at706, the source device 110 and the MNO server 702 use a Diffie-Hellman(DH) key exchange (or comparable public/private encryption scheme) togenerate a shared secret key (SK). The SK can be stored securely at thesource device 110, e.g., in a keychain, and can also be stored securelyat a cloud-based service, e.g., in a keychain of an iCloud account. TheSK can be paired, at 708, with an identifier associated with a SIM/eSIMof the source device 110, e.g., an IMSI value (phone number). The sourcedevice 110 can demonstrate possession of the SK by responding to arandom number (RAND) challenge provided by the MNO server 702 at 712with an appropriate challenge response, e.g., with a hash value that isbased on a combination of the RAND and the SK. The MNO server 702 candetermine that the source device 110 continues to retain the SK based onthe appropriately provided challenge response and maintain a trustrelationship based at least in part on a duration of time elapsed fromSK setup to continued demonstration of possession of the SK. At 772, thesource device 110 can send a request to the MNO server 702 to perform amanagement operation for a SIM/eSIM installed (or to be installed) inthe source device 110, e.g., to subscribe to a new feature of servicefor the SIM/eSIM. At 774, the MNO server 702 can determine whether thereexists a valid SK for the SIM/eSIM (and its associated phone number).When there does exist a valid SK (with an implied trust relationship),the MNO server 702 can determine whether the source device 110, whichpreviously paired with the SIM/eSIM, continues to possess the associatedSK. At 776, the MNO server 702 issues an authentication challenge to thesource device 110 based on a random (RAND) value. At 778, the sourcedevice 110 provides to the MNO server 702 a challenge response using thestored SK. At 780, the MNO server 702 confirms that the challengepasses, and at 782, the MNO server provides an indication to the sourcedevice 110 that a new feature and/or service as requested has beenstarted for cellular service subscription associated with the SIM/eSIMof the source device 110.

As shown in FIG. 7E, in some embodiments, transfer of an account from afirst device, e.g., source device 110, to a second device, e.g., targetdevice 150, can require that the source device 110 prove possession ofthe SK before allowing transfer of an account to the target device 150.When the source device 110 can demonstrate possession of the SK, e.g.,by successfully responding to a challenge that is based on thepreviously established SK, the MNO server 702 can allow for initiatingtransfer of a service, an account, a credential, an eSIM, a set ofeSIMs, or the like from the source device 110 to the target device 150.When the source device 110 cannot demonstrate possession of the SK,e.g., by not being able to successfully respond to the challenge that isbased on the SK, the MNO server 702 can disallow transfer of requestedservices, accounts, credentials, etc. to the target device 150.

Initially, at 704, the source device 110 pairs with the MNO server 702based on a cellular service credential, e.g., SIM/eSIM. Subsequently, at706, the source device 110 and the MNO server 702 use a Diffie-Hellman(DH) key exchange (or comparable public/private encryption scheme) togenerate a shared secret key (SK). The SK can be stored securely at thesource device 110, e.g., in a keychain, and can also be stored securelyat a cloud-based service, e.g., in a keychain of an iCloud account. TheSK can be paired, at 708, with an identifier associated with a SIM/eSIMof the source device 110, e.g., an IMSI value (phone number). The sourcedevice 110 can demonstrate possession of the SK by responding to arandom number (RAND) challenge provided by the MNO server 702 at 712with an appropriate challenge response, e.g., with a hash value that isbased on a combination of the RAND and the SK. The MNO server 702 candetermine that the source device 110 continues to retain the SK based onthe appropriately provided challenge response and maintain a trustrelationship based at least in part on a duration of time elapsed fromSK setup to continued demonstration of possession of the SK. At 791, thetarget device 150 can perform a setup procedure, e.g., via a proximitysharing connection with the source device 110 and/or via a connection toa network-based cloud service, e.g., to an iCloud account. The targetdevice 150 can directly (or indirectly) cause the source device 110 toinitiate a cellular service account transfer, at 792, from the sourcedevice 110 to the target device 150, where the source device 110contacts the MNO server 702 to initiate the transfer. The cellularservice account to be transferred can include a SIM/eSIM with which thesource device 110 previously paired with the MNO server 702 for which atrust relationship exists based on a generated and stored shared secretkey (SK). at 793, the MNO server 702 can determine whether there existsa valid SK for a SIM/eSIM to be transferred (and its associated phonenumber). When there does exist a valid SK (with an implied trustrelationship), the MNO server 702 can determine whether the sourcedevice 110, which paired with the MNO server 702 using the SIM/eSIMpreviously, continues to possess the SK associated with the SIM/eSIM. At794, the MNO server 702 issues an authentication challenge to the sourcedevice 110 based on a random (RAND) value. At 795, the source device 110provides to the MNO server 702 a challenge response based on the RANDvalue and the SK value. At 796, the MNO server 702 concludes that thechallenge response is valid, and at 798 the MNO server provides anindication to the source device 110 that a cellular service accountincluding the SIM/eSIM will transfer to the target device 150.

Representative Exemplary Apparatus

FIG. 8 illustrates in block diagram format an exemplary computing device800 that can be used to implement the various components and techniquesdescribed herein, according to some embodiments. In particular, thedetailed view of the exemplary computing device 800 illustrates variouscomponents that can be included in the source device 110 and/or thetarget device 150. As shown in FIG. 8 , the computing device 800 caninclude a processor 802 that represents a microprocessor or controllerfor controlling the overall operation of computing device 800. In someembodiments, the computing device 800 can also include a user inputdevice 808 that allows a user of the computing device 800 to interactwith the computing device 800. For example, in some embodiments, theuser input device 808 can take a variety of forms, such as a button,keypad, dial, touch screen, audio input interface, visual/image captureinput interface, input in the form of sensor data, etc. In someembodiments, the computing device 800 can include a display 810 (screendisplay) that can be controlled by the processor 802 to displayinformation to the user (for example, information relating to incoming,outgoing, or active communication sessions). A data bus 816 canfacilitate data transfer between at least a storage device 840, theprocessor 802, and a controller 813. The controller 813 can be used tointerface with and control different equipment through an equipmentcontrol bus 814. The computing device 800 can also include a network/businterface 811 that couples to a data link 812. In the case of a wirelessconnection, the network/bus interface 811 can include wirelesscircuitry, such as a wireless transceiver and/or baseband processor. Thecomputing device 800 can also include a secure element 850. The secureelement 850 can include an eUICC and/or UICC.

The computing device 800 also includes a storage device 840, which caninclude a single storage or a plurality of storages (e.g., hard drives),and includes a storage management module that manages one or morepartitions within the storage device 840. In some embodiments, storagedevice 840 can include flash memory, semiconductor (solid state) memoryor the like. The computing device 800 can also include a Random-AccessMemory (RAM) 820 and a Read-Only Memory (ROM) 822. The ROM 822 can storeprograms, utilities or processes to be executed in a non-volatilemanner. The RAM 820 can provide volatile data storage, and storesinstructions related to the operation of the computing device 800.

Representative Embodiments

In some embodiments, a method for cellular service account transfer andauthentication includes, at a target device: establishing a secureconnection with a source device via a proximity sharing feature;obtaining cellular service plan description and authentication data forone or more electronic subscriber identity modules (eSIMs) from thesource device via the secure connection; and triggering, after obtaininguser consent, direct installation of at least one of the one or moreeSIMs to the target device from a server of a mobile network operator(MNO), where the target device and the source device are associated witha common user account.

In some embodiments, the authentication data includes at least onetransfer token obtained by the source device from the server of the MNO.In some embodiments, the authentication data includes at least one trustflag that indicates a trust relationship between an eSIM of the one ormore eSIMs and the source device. In some embodiments, theauthentication data obviates a requirement for the target device toperform a cellular service user account login procedure with a web-sheetserver of the MNO. In some embodiments, the method further includes, atthe target device: presenting, via a user interface of the targetdevice, a listing on the one or more eSIMs; and obtaining, via the userinterface of the target device, a selection of the at least one of theone or more eSIMs to transfer to the target device. In some embodiments,the method further includes, at the target device, performing a setupprocedure for the one or more eSIMs installed on the target device toconfigure one or more associated cellular service plans. In someembodiments, the method further includes, at the target device:receiving, from the server of the MNO, a redirection to a web-sheetserver of the MNO; authenticating with the web-sheet server based on acellular service account login and password; obtaining cellular serviceplan terms and conditions from the web-sheet server; and providing anindication of consent to the cellular service plan terms and conditionsto the web-sheet server.

In some embodiments, a method for cellular service account transfer andauthentication includes, at an entitlement server of a mobile networkoperator (MNO): providing, to a source device, authentication data fortransfer of one or more electronic subscriber identity modules (eSIMs);receiving, from a target device, a request to transfer at least one eSIMof the one or more eSIMs, the request including at least a portion ofthe authentication data; and responsive to successful authentication ofthe target device based on the at least a portion of the authenticationdata: obtaining, from a provisioning server, at least one identifiercorresponding to the at least one eSIM to be transferred to the targetdevice; and providing, to the target device, the at least one identifiercorresponding to the at least one eSIM and a network address for theprovisioning server.

In some embodiments, the authentication data includes at least onetransfer token. In some embodiments, the method further includes, at theentitlement server, obtaining the at least one transfer token from anauthorization server. In some embodiments, the authentication dataincludes at least one trust flag that indicates a trust relationshipbetween an eSIM of the one or more eSIMs and the source device. In someembodiments, the authentication data obviates a requirement for thetarget device to perform a cellular service user account login procedurewith a web-sheet server of the MNO. In some embodiments, the methodfurther includes, at the entitlement server, communicating with one ormore back-end servers of the MNO to provision the at least one eSIM tothe target device. In some embodiments, the method further includes, atthe entitlement server, updating a push notification token for thetarget device to correspond to an international mobile subscriptionidentifier (IMSI) for an eSIM of the at least one eSIM transferred tothe target device.

In some embodiments, a method for cellular service account transfer andauthentication includes, at a source device: establishing a secureconnection with a target device via a proximity sharing feature;receiving a request for information regarding electronic subscriberidentity modules (eSIMs) transferable from the source device to thetarget device; obtaining, from an entitlement server of a mobile networkoperator (MNO), authentication data for transferring one or more eSIMs;and providing, to the target device via the secure connection, cellularservice plan description and authentication data for the one or moreeSIMs, where the target device and the source device are associated witha common user account.

In some embodiments, the authentication data includes at least onetransfer token. In some embodiments, the authentication data includes atleast one trust flag that indicates a trust relationship between an eSIMof the one or more eSIMs and the source device. In some embodiments, theauthentication data obviates a requirement for the target device toperform a cellular service user account login procedure with a web-sheetserver of the MNO. In some embodiments, the method further includes, atthe source device, receiving an indication that at least one eSIM of theone or more eSIMs has been transferred to the target device. In someembodiments, the method further includes, at the source device,disabling baseband circuitry of the source device when transfer of theat least one eSIM results in no active eSIMs remaining at the sourcedevice.

Wireless Terminology

In accordance with various embodiments described herein, the terms“wireless communication device,” “wireless device,” “mobile device,”“mobile station,” and “user equipment” (UE) may be used interchangeablyherein to describe one or more common consumer electronic devices thatmay be capable of performing procedures associated with variousembodiments of the disclosure. In accordance with variousimplementations, any one of these consumer electronic devices may relateto: a cellular phone or a smart phone, a tablet computer, a laptopcomputer, a notebook computer, a personal computer, a netbook computer,a media player device, an electronic book device, a MiFi® device, awearable computing device, as well as any other type of electroniccomputing device having wireless communication capability that caninclude communication via one or more wireless communication protocolssuch as used for communication on: a wireless wide area network (WWAN),a wireless metro area network (WMAN) a wireless local area network(WLAN), a wireless personal area network (WPAN), a near fieldcommunication (NFC), a cellular wireless network, a fourth generation(4G) LTE, LTE Advanced (LTE-A), and/or 5G or other present or futuredeveloped advanced cellular wireless networks.

The wireless communication device, in some embodiments, can also operateas part of a wireless communication system, which can include a set ofclient devices, which can also be referred to as stations, clientwireless devices, or client wireless communication devices,interconnected to an access point (AP), e.g., as part of a WLAN, and/orto each other, e.g., as part of a WPAN and/or an “ad hoc” wirelessnetwork. In some embodiments, the client device can be any wirelesscommunication device that is capable of communicating via a WLANtechnology, e.g., in accordance with a wireless local area networkcommunication protocol. In some embodiments, the WLAN technology caninclude a Wi-Fi (or more generically a WLAN) wireless communicationsubsystem or radio, the Wi-Fi radio can implement an Institute ofElectrical and Electronics Engineers (IEEE) 802.11 technology, such asone or more of: IEEE 802.11a; IEEE 802.11b; IEEE 802.11g; IEEE802.11-2007; IEEE 802.11n; IEEE 802.11-2012; IEEE 802.11ac; or otherpresent or future developed IEEE 802.11 technologies.

Additionally, it should be understood that the UEs described herein maybe configured as multi-mode wireless communication devices that are alsocapable of communicating via different third generation (3G) and/orsecond generation (2G) RATs. In these scenarios, a multi-mode userequipment (UE) can be configured to prefer attachment to LTE networksoffering faster data rate throughput, as compared to other 3G legacynetworks offering lower data rate throughputs. For instance, in someimplementations, a multi-mode UE may be configured to fall back to a 3Glegacy network, e.g., an Evolved High Speed Packet Access (HSPA+)network or a Code Division Multiple Access (CDMA) 2000 Evolution-DataOnly (EV-DO) network, when LTE and LTE-A networks are otherwiseunavailable.

It is well understood that the use of personally identifiableinformation should follow privacy policies and practices that aregenerally recognized as meeting or exceeding industry or governmentalrequirements for maintaining the privacy of users. In particular,personally identifiable information data should be managed and handledso as to minimize risks of unintentional or unauthorized access or use,and the nature of authorized use should be clearly indicated to users.

The various aspects, embodiments, implementations or features of thedescribed embodiments can be used separately or in any combination.Various aspects of the described embodiments can be implemented bysoftware, hardware or a combination of hardware and software. Thedescribed embodiments can also be embodied as computer readable code ona non-transitory computer readable medium. The non-transitory computerreadable medium is any data storage device that can store data which canthereafter be read by a computer system. Examples of the non-transitorycomputer readable medium include read-only memory, random-access memory,CD-ROMs, HDDs, DVDs, magnetic tape, and optical data storage devices.The non-transitory computer readable medium can also be distributed overnetwork-coupled computer systems so that the computer readable code isstored and executed in a distributed fashion.

The foregoing description, for purposes of explanation, used specificnomenclature to provide a thorough understanding of the describedembodiments. However, it will be apparent to one skilled in the art thatthe specific details are not required in order to practice the describedembodiments. Thus, the foregoing descriptions of specific embodimentsare presented for purposes of illustration and description. They are notintended to be exhaustive or to limit the described embodiments to theprecise forms disclosed. It will be apparent to one of ordinary skill inthe art that many modifications and variations are possible in view ofthe above teachings.

What is claimed is:
 1. A method for cellular service user subscriptionaccount transfer from a source device to a target device, the methodcomprising: by the target device: obtaining, from a cloud-networkservice, authentication data for one or more electronic subscriberidentity modules (eSIMs) associated with the cellular service usersubscription, wherein: the authentication data includes a trust flagthat indicates a trust relationship established between a cellularservice user account of a mobile network operator (MNO) and the sourcedevice, and the authentication data for the one or more eSIMs waspreviously uploaded to the cloud-network service; sending, to anentitlement server of the MNO, at least a portion of the authenticationdata including the trust flag to: authenticate the target device,identify the cellular service user subscription to transfer, andindicate authority to transfer the cellular service user subscription tothe target device; and downloading and installing, after obtainingauthorization to transfer from the entitlement server, at least one ofthe one or more eSIMs to the target device from a provisioning server ofthe MNO.
 2. The method of claim 1, wherein the authentication dataincludes at least one transfer token obtained by the source device fromthe entitlement server of the MNO.
 3. The method of claim 1, furthercomprising: by the target device: presenting, via a user interface ofthe target device, a listing of the one or more eSIMs; and obtaining,via the user interface of the target device, a selection of the at leastone of the one or more eSIMs to transfer to the target device.
 4. Themethod of claim 1, further comprising: by the target device: receiving,from the entitlement server of the MNO, a redirection to a web-sheetserver of the MNO; and authenticating with the web-sheet server based ona cellular service user account login and password.
 5. The method ofclaim 1, wherein the target device and the source device are associatedwith a common user account.
 6. The method of claim 5, wherein the commonuser account is associated with the cloud-network service.
 7. The methodof claim 1, wherein the at least one of the one or more eSIMs comprisesat least two eSIMs associated with a common cellular service useraccount of the MNO.
 8. The method of claim 1, further comprising: by thetarget device: sending, to a second entitlement server of a second MNO,at least a portion of the authentication data including a second trustflag to: authenticate the target device, identify a second cellularservice user subscription to transfer, and indicate authority totransfer the second cellular service user subscription to the targetdevice; and downloading and installing, after obtaining authorization totransfer from the second entitlement server, another one or more of theone or more eSIMs to the target device from a second provisioning serverof the second MNO, wherein the second trust flag indicates a secondtrust relationship established between a second cellular service useraccount of the second MNO and the source device.
 9. The method of claim1, further comprising: by the target device: sending, to the sourcedevice, a notification indicating that the at least one of the one ormore eSIMs is active on the target device.
 10. The method of claim 1,further comprising: by the target device: receiving, from theentitlement server after installation and activation of an eSIM of theat least one of the one or more eSIMs, an authentication challenge; andproviding, to the entitlement server, a challenge response using asecret key (SK) associated with the eSIM, wherein a valid challengeresponse validates a trust relationship for the SK and associates thetrust relationship with the target device.
 11. A method for cellularservice user subscription transfer from a source device to a targetdevice, the method comprising: by the source device: receiving, via auser interface input, an indication to enable transfer of the cellularservice user subscription associated with a mobile network operator(MNO); and uploading, to a cloud-network service, authentication dataobtained from an entitlement server of the MNO for transfer of one ormore electronic subscriber identity modules (eSIMs) associated with thecellular service user subscription, wherein: the authentication dataincludes a trust flag that indicates a trust relationship establishedbetween a cellular service user account of the MNO and the sourcedevice, and the authentication data allows the target device toauthenticate with the entitlement server of the MNO and to indicateauthority to transfer the cellular service user subscription.
 12. Themethod of claim 11, further comprising: by the source device: obtaining,from an authorization server of the MNO, a transfer access token for aneSIM of the one or more eSIMs associated with the cellular service usersubscription, wherein the authentication data further includes thetransfer access token for the eSIM.
 13. The method of claim 11, furthercomprising: by the source device: receiving an indication that at leastone eSIM of the one or more eSIMs has been transferred to the targetdevice.
 14. The method of claim 11, further comprising: by the sourcedevice: generating and retaining the trust relationship with anentitlement server of the MNO based on providing successful challengeresponses to authentication challenges based on a secret key (SK) sharedwith the entitlement server.
 15. A target device configured for cellularservice user subscription transfer, the target device comprising: one ormore antennas; and processing circuitry communicatively coupled to theone or more antennas and comprising at least one processorcommunicatively coupled to a memory storing instructions that, whenexecuted by the at least one processor, configure the target device toperform operations including: obtaining, from a cloud-network service,authentication data for one or more electronic subscriber identitymodules (eSIMs) associated with the cellular service user subscription,wherein: the authentication data includes a trust flag that indicates atrust relationship established between a cellular service user accountof a mobile network operator (MNO) and a source device, and theauthentication data for the one or more eSIMs was previously uploaded tothe cloud-network service; sending, to an entitlement server of the MNO,at least a portion of the authentication data including the trust flagto: authenticate the target device, identify the cellular service usersubscription to transfer, and indicate authority to transfer thecellular service user subscription to the target device; and downloadingand installing, after obtaining authorization to transfer from theentitlement server, at least one of the one or more eSIMs to the targetdevice from a provisioning server of the MNO.
 16. The target device ofclaim 15, wherein the target device is further configured to performadditional operations including: presenting, via a user interface of thetarget device, a listing of the one or more eSIMs; and obtaining, viathe user interface of the target device, a selection of the at least oneof the one or more eSIMs to transfer to the target device.
 17. Thetarget device of claim 15, wherein the target device is furtherconfigured to perform additional operations including: receiving, fromthe entitlement server of the MNO, a redirection to a web-sheet serverof the MNO; and authenticating with the web-sheet server based on acellular service user account login and password.
 18. The target deviceof claim 15, wherein the target device and the source device areassociated with a common user account of the cloud-network service. 19.The target device of claim 15, wherein the at least one of the one ormore eSIMs comprises at least two eSIMs associated with a commoncellular service user account of the MNO.
 20. The target device of claim15, wherein the target device is further configured to performadditional operations including: receiving, from the entitlement serverafter installation and activation of an eSIM of the at least one of theone or more eSIMs, an authentication challenge; and providing, to theentitlement server, a challenge response using a secret key (SK)associated with the eSIM, wherein a valid challenge response validates atrust relationship for the SK and associates the trust relationship withthe target device.